Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4

Browse source 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: Ie187d9ecdea4c00c4f08bd2d1dea82ce3ffd9a5e
This commit is contained in:
Roshan Pius 2022-03-14 16:40:40 +00:00 committed by Automerger Merge Worker
commit b27000aab9
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
tracking_denials/hal_uwb_vendor_default.te
View file

@ -1,7 +1,6 @@
# b/204718220 # b/204718220
dontaudit hal_uwb_vendor_default default_android_service:service_manager { add }; dontaudit hal_uwb_vendor_default default_android_service:service_manager { add };
# b/206045367 # b/206045367
dontaudit hal_uwb_vendor_default hal_uwb_vendor_default:capability { net_admin };
dontaudit hal_uwb_vendor_default zygote:binder { call }; dontaudit hal_uwb_vendor_default zygote:binder { call };
dontaudit hal_uwb_vendor_default zygote:binder { transfer }; dontaudit hal_uwb_vendor_default zygote:binder { transfer };
# b/208721505 # b/208721505

2
whitechapel_pro/hal_uwb_vendor.te
View file

@ -9,6 +9,8 @@ binder_call(hal_uwb_vendor_server, servicemanager)
# allow hal_uwb_vendor to set wpan interfaces up and down # allow hal_uwb_vendor to set wpan interfaces up and down
allow hal_uwb_vendor self:udp_socket create_socket_perms; allow hal_uwb_vendor self:udp_socket create_socket_perms;
allowxperm hal_uwb_vendor self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL }; allowxperm hal_uwb_vendor self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL };
# TODO(b/190461440): Find a long term solution for this.
allow hal_uwb_vendor self:global_capability_class_set { net_admin };
# allow hal_uwb_vendor to speak to nl802154 in the kernel # allow hal_uwb_vendor to speak to nl802154 in the kernel
allow hal_uwb_vendor self:netlink_generic_socket create_socket_perms_no_ioctl; allow hal_uwb_vendor self:netlink_generic_socket create_socket_perms_no_ioctl;